Bug 1263899 - Fix readFrameArgsAndLocals to always use maybeRead since it can't recover instructions. (r=nbp)
authorShu-yu Guo <shu@rfrn.org>
Wed, 20 Apr 2016 14:52:12 -0700
changeset 294116 76830a19c86a98f3d63d187985659ed556e2ced9
parent 294115 b8f1a46ea42a9b2c49cbd9d0828a5fcda5d3eca7
child 294117 315627acd221535a346a0a7461efdd4a01d8fc28
push id75437
push usershu@rfrn.org
push dateWed, 20 Apr 2016 21:50:16 +0000
treeherdermozilla-inbound@d4826513cafc [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersnbp
bugs1263899
milestone48.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1263899 - Fix readFrameArgsAndLocals to always use maybeRead since it can't recover instructions. (r=nbp)
js/src/jit-test/tests/debug/bug1263899.js
js/src/jit/JitFrameIterator.h
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/debug/bug1263899.js
@@ -0,0 +1,29 @@
+try {
+  evaluate(` 
+    function runTestCase() $ERROR()
+    function $ERROR() {
+      throw Error
+    }
+    Object.defineProperty(this, "x", { value: 0 });
+    setJitCompilerOption("ion.warmup.trigger", 0)
+  `)
+  evaluate(`function f() {} f(x)`)
+  runTestCase()
+} catch (exc) {}
+evaluate(`
+  g = newGlobal()
+  g.parent = this
+  g.eval("(" + function() {
+    Debugger(parent).onExceptionUnwind = function(frame) {
+      frame.older
+    }
+  } + ")()")
+  try { $ERROR() } catch(e){}
+`)
+try {
+evaluate(`
+  x ^= null;
+  if (x = 1)
+    $ERROR()
+`);
+} catch(e) {}
--- a/js/src/jit/JitFrameIterator.h
+++ b/js/src/jit/JitFrameIterator.h
@@ -704,17 +704,17 @@ class InlineFrameIterator
             Value scopeChainValue = s.maybeRead(fallback);
             *scopeChain = computeScopeChain(scopeChainValue, fallback, hasCallObj);
         } else {
             s.skip();
         }
 
         // Read return value.
         if (rval)
-            *rval = s.read();
+            *rval = s.maybeRead(fallback);
         else
             s.skip();
 
         // Read arguments, which only function frames have.
         if (isFunctionFrame()) {
             unsigned nactual = numActualArgs();
             unsigned nformal = calleeTemplate()->nargs();